Most websites and OS screens do all they can to make it easier to see them on the diminutive screens of our smartphones. That means bright white backgrounds and bright colors are used to highlight what designers and webmasters want you to see.

Unfortunately, the brightness of those colors and the brightness of the screen itself both impact the power consumption of the display, and by extension, the life of your battery.

Dark Mode essentially reverses color themes, replacing white backgrounds with black. How much power does this simple change save? Well, according to Business Insider, Dark Mode uses 43 percent less power than normal mode in the YouTube App, which is white-heavy.

If it is an established fact though, that dark backgrounds are less power intensive than white ones, why does everyone insist on white backgrounds?

Actually, Google bears at least some responsibility for that, as the company has been quietly encouraging app developers to use the color white as backgrounds for their interfaces for years, via the company's "Material Design Specification."

The company is in the process of shifting gears and plans to roll out a Dark Mode for all Google apps in the future, though no firm data has been established for this.

In any case, the bottom line is that Dark Mode is good for your battery. If you want to enable it on your Android device, just do the following:

Go to "Settings"

Tap "Display" then "Advanced" then "Device Theme"

Then tap "Dark"

That's it. You're in Dark Mode.

If you want to enable Dark Mode for YouTube, here's how:

Launch YouTube on your Android Device

Tap the profile icon (top right corner)

Go to "Settings" and then "General"

Tap the toggle switch for "Dark Theme" to enable it, then tap the back button. Your theme changes will automatically be saved.

]]>http://www.acomputergeek.com/2018/11/19/dark-mode-on-android-phones-extends-battery-life/feed/0Researchers Have Found A New Security Issue With Bluetoothhttp://www.acomputergeek.com/2018/11/17/researchers-have-found-a-new-security-issue-with-bluetooth/
http://www.acomputergeek.com/2018/11/17/researchers-have-found-a-new-security-issue-with-bluetooth/#respondSat, 17 Nov 2018 16:00:00 +0000http://www.acomputergeek.com/2018/11/17/researchers-have-found-a-new-security-issue-with-bluetooth/Researchers from the Israeli security firm Armis have discovered a new security flaw in BLE (Bluetooth Low Energy) chips that expose millions ...]]>Researchers from the Israeli security firm Armis have discovered a new security flaw in BLE (Bluetooth Low Energy) chips that expose millions of access points and networking devices around the world. This opened the door to a new hack.

The flaw has been dubbed "BleedingBit" and is actually two separate vulnerabilities that could allow a hacker to execute code or take complete control over a vulnerable device without the need of a password. What makes BleedingBit an especially dangerous flaw is the fact that a wide range of medical devices including pacemakers and insulin pumps can be targeted, along with other IoT devices and point of sale terminals.

According to the research team, the attack works as follows:

"First, the attacker sends multiple benign BLE broadcast messages called Advertising Packets, which will be stored on the memory of the vulnerable BLE chip in the targeted device.

Next, the attacker sends the overflow packet, which is a standard advertising packet with a subtle alteration - a specific bit in its header is turned ON instead of off. This bit causes the chip to allocate the information from the packet a much larger space than it really needs, triggering an overflow of critical memory in the process."

It should be noted that in order to execute the attack, a hacker would need to be in close proximity to the target device. Of course, once it has been compromised, it can be accessed again at will remotely, monitoring network traffic, conducting man in the middle attacks, or launching additional attacks on other devices connected to the targeted device.

The Armis researchers responsibly reported their findings and the chip manufacturer, Texas Instruments, has confirmed the vulnerabilities and has already released patches for the affected hardware.

If your company uses BLE chips in any aspect of your business, be sure to grab the latest update.

]]>http://www.acomputergeek.com/2018/11/17/researchers-have-found-a-new-security-issue-with-bluetooth/feed/0Google Updating reCAPTCHA To Make It Easier For Usershttp://www.acomputergeek.com/2018/11/16/google-updating-recaptcha-to-make-it-easier-for-users/
http://www.acomputergeek.com/2018/11/16/google-updating-recaptcha-to-make-it-easier-for-users/#respondFri, 16 Nov 2018 16:00:00 +0000http://www.acomputergeek.com/2018/11/16/google-updating-recaptcha-to-make-it-easier-for-users/Bots make up a shocking percentage of internet traffic. In fact, in some industries, there are far more bots trolling sites than ...]]>Bots make up a shocking percentage of internet traffic. In fact, in some industries, there are far more bots trolling sites than there are humans. Keeping bots from interfering with a website's functionality and impacting human user experiences is an ongoing challenge that Google and many other companies are struggling to address.

Google's first attempt at reigning in bot activity took the form of their reCAPTCHA system, which worked by requiring a website visitor to type in a string of graphically warped numbers and letters to prove their humanity.

It worked, but in response, the people behind all the bot traffic trained their bots to be able to decipher the text, creating a kind of digital arms race.

Google's next version of reCAPTCHA had users clicking on images to prove their humanity, verifying such mundane sights as street signs, busses, storefronts, intersections and the like. The second version also had the advantage of allowing people who correctly identified the landmarks in question through with minimal fuss.

Even so, it was far from a perfect solution that created annoying busywork for humans who just wanted to see the content on the website in question.

Now Google is taking another stab at it with the release of their third version of reCAPTCHA, and this one promises to allow humans to pass through without a single click and without having to decipher and type warped text strings.

The latest version has been in testing by a large user group for more than a year. It relies heavily on machine learning that focuses on deciphering and understanding human interaction with websites and how they differ from bot interaction. The command console allows admins a wide range of freedom to set their own identifying thresholds and protocols, which impact what traffic ultimately gets through the gateway.

It remains to be seen how successful this new approach will be, but currently, hopes and expectations are high. At long last, Google may have figured out a way to separate bot traffic from human, and to do so in a way that cuts down on the annoyance. Kudos to Google for their continued efforts on this front!

]]>http://www.acomputergeek.com/2018/11/16/google-updating-recaptcha-to-make-it-easier-for-users/feed/0Data Breach Hits Radisson Hotel Grouphttp://www.acomputergeek.com/2018/11/15/data-breach-hits-radisson-hotel-group/
http://www.acomputergeek.com/2018/11/15/data-breach-hits-radisson-hotel-group/#respondThu, 15 Nov 2018 16:00:00 +0000http://www.acomputergeek.com/2018/11/15/data-breach-hits-radisson-hotel-group/The Radisson Hotel Group joins the ranks of globally-recognized brands to be on the receiving end of a successful hack. According to ...]]>The Radisson Hotel Group joins the ranks of globally-recognized brands to be on the receiving end of a successful hack. According to the company, a small percentage of their loyalty club members had some of their personal information accessed by an unauthorized and as yet unknown third party. The company reports that no credit or debit card information was stolen.

The data breached was limited to:

Customer name

Customer address

Email address

Company name (in some cases)

Phone numbers associated with the account

The user's Loyalty Club member number

Although this breach impacted a relatively small number of users, all of them are high net worth individuals. This at least hints at the hacker's motivations. Massive data breaches seek to expose millions, or even tens of millions of user accounts so they can be sold in bulk on the Dark Web. A more targeted attack like this one, however, is clearly designed to target influential individuals with deep and widespread connections. Potentially, the damage caused by targeting such individuals could be much more far-reaching.

The Radisson Group responded quickly, first by revoking the access of the unauthorized individual as soon as it was detected, and second by flagging and monitoring all user accounts impacted by the breach. The company is taking an active role in monitoring impacted accounts for the foreseeable future, and individuals who had their personal information compromised have been notified.

If you're a member of the Radisson Rewards Club and haven't yet received a notification, then there's nothing to be done or to worry about. If you have received a notification, simply follow the instructions you received and you're all set.

While unfortunate, Radisson's handling of the incident has been exemplary, and serves as an excellent case study for other companies on how to respond to events like these.

]]>http://www.acomputergeek.com/2018/11/15/data-breach-hits-radisson-hotel-group/feed/0Are Some SSD Drives Susceptible To Hacking?http://www.acomputergeek.com/2018/11/14/are-some-ssd-drives-susceptible-to-hacking/
http://www.acomputergeek.com/2018/11/14/are-some-ssd-drives-susceptible-to-hacking/#respondWed, 14 Nov 2018 16:00:00 +0000http://www.acomputergeek.com/2018/11/14/are-some-ssd-drives-susceptible-to-hacking/A research team has found an exploit that allows hackers to decrypt and view encrypted files on a number of well-known SSD ...]]>A research team has found an exploit that allows hackers to decrypt and view encrypted files on a number of well-known SSD drives.

They include:

Samsung T5 Portable

Samsung T3 Portable

Samsung 850 EVO

Samsung 840 EVO

Crucial MX 300

Crucial MX 200

Crucial MX 100

According to the research team:

"We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many hardware implementations have critical security weaknesses, for many models allowing for complete recovery of the data without knowledge of any secret."

The team disclosed their findings to both Crucial and Samsung to give both of the companies an opportunity to prepare firmware updates and get them out to their clients.

Crucial has responded swiftly, offering firmware updates to all three of the impacted drives. Samsung's response has been a bit more sluggish. To date, they've released firmware updates for the T3 and T5 models. Apparently though, the company has no plans to update their EVO drives, having issued a statement encouraging EVO users to opt for software encryption instead.

Unfortunately, there's another fly in the ointment. Windows' BitLocker software encryption will default to hard drive encryption if it finds it supported on a given drive. This means that BitLocker cannot be counted on as a viable software encryption solution. The same flaws that allow hackers access to the drives mentioned above will also allow them to circumvent BitLocker.

The bottom line is simply this: If you're relying on your SSD drive to secure your data, it may not be offering you as much protection as you had hoped, especially if you're currently using a Samsung EVO drive.

]]>http://www.acomputergeek.com/2018/11/14/are-some-ssd-drives-susceptible-to-hacking/feed/0Apple Adds Physical Security Feature To New MacBookhttp://www.acomputergeek.com/2018/11/13/apple-adds-physical-security-feature-to-new-macbook/
http://www.acomputergeek.com/2018/11/13/apple-adds-physical-security-feature-to-new-macbook/#respondTue, 13 Nov 2018 16:00:00 +0000http://www.acomputergeek.com/2018/11/13/apple-adds-physical-security-feature-to-new-macbook/In recent months, hackers around the world have been finding new ways to invade people's privacy, hijacking an increasing number of cameras ...]]>In recent months, hackers around the world have been finding new ways to invade people's privacy, hijacking an increasing number of cameras and microphones attached to smartphones and PCs. Apple is responding to the evolving threat by introducing a new layer of physical security to their latest MacBooks.

The company has created a custom security chip which introduces a means of physically disconnecting the PC's built-in microphone any time the user closes the lid on the machine.

As the company explains:

"This disconnect is implemented in hardware alone, and therefore prevents any software, even with root or kernel privileges in macOS, and even the software on the T2 (security) chip, from engaging the microphone when the lid is closed."

It's a good move that helps at the margins, but it's far from being a comprehensive solution. After all, you're still vulnerable while you're working, reading, or watching something on your computer, but it is an undeniably good first step.

The new security chip does far more than merely serving as a means to disable the built-in microphone, however. It provides a host of new security enhancements that, when combined with the macBook's Touch ID system, makes the PC more secure than it ever has been.

On top of that, the T2 chip provides a number of non-security features as well, including:

Auto balancing the FaceTime HD camera

Enhancing the Apple video encoder and audio controller

Controls the ambient sensor and the system management controller (SMC)

Acts as an image processer that enables enhanced tone mapping

In short then, it's a good addition that's destined to make an already great computer even better. Unfortunately, it's just a matter of time before the hackers figure out ways around most, if not all the new enhanced security features. Then the arms race will continue to its next phase.

]]>http://www.acomputergeek.com/2018/11/13/apple-adds-physical-security-feature-to-new-macbook/feed/0Another Intel Processor Vulnerability Foundhttp://www.acomputergeek.com/2018/11/12/another-intel-processor-vulnerability-found/
http://www.acomputergeek.com/2018/11/12/another-intel-processor-vulnerability-found/#respondMon, 12 Nov 2018 16:00:00 +0000http://www.acomputergeek.com/2018/11/12/another-intel-processor-vulnerability-found/Intel just can't seem to catch a break. By now, almost everyone has heard about the dreaded Spectre and Meltdown vulnerabilities which ...]]>Intel just can't seem to catch a break. By now, almost everyone has heard about the dreaded Spectre and Meltdown vulnerabilities which have been plaguing the chip maker since they were first discovered. Now, it seems there's a new chip-based threat.

This latest threat has been dubbed PortSmash by the research team from the Tampere University of Technology in Finland and the Technical University of Havana, in Cuba who jointly discovered it. It works by abusing a weakness in Intel's Hyper-Threading technology, which is Intel's implementation of SMT (Simultaneous Multi Threading).

The researchers had this to say about the attack:

"We recently discovered a new CPU microarchitecture attack vector. The nature of the leakage is due to execution engine sharing on SMT (e.g., Hyper-Threading) architecture.

More specifically, we detect port contention to construct a timing side channel to exfiltrate information from processes running in parallel on the same physical core."

In plain English, the vulnerability allows hackers to run a PortSmash process alongside a selected process running on the same CPU core. In doing so, the ProtSmash process can spy on that application and even lift data from it as desired by the hackers.

The team released a proof of concept on Github and demonstrated their ability to steal private decryption keys.

So far, the team has confirmed that the exploit works on Intel's Skylake and Kaby Lake processors, but there's strong circumstantial evidence that with modifications, the exploit would work on other chipsets as well, including those developed by rival AMD.

The reason for this is because the researchers believe SMT to be fundamentally flawed. It shares resources between two CPU instances while not providing any form of security differentiators between the two instances.

The research team responsibly reported the flaw to Intel, but the company did not respond in a timely manner, so the team published their findings, which prompted action by Intel. The company released a security patch on November 1.

]]>http://www.acomputergeek.com/2018/11/12/another-intel-processor-vulnerability-found/feed/0Video Embedding Feature In MS Word Has Security Vulnerability http://www.acomputergeek.com/2018/11/10/video-embedding-feature-in-ms-word-has-security-vulnerability/
http://www.acomputergeek.com/2018/11/10/video-embedding-feature-in-ms-word-has-security-vulnerability/#respondSat, 10 Nov 2018 16:00:00 +0000http://www.acomputergeek.com/2018/11/10/video-embedding-feature-in-ms-word-has-security-vulnerability/Researchers have discovered a security flaw in MS Office 2016 and older versions that leave the door open to hackers who can ...]]>Researchers have discovered a security flaw in MS Office 2016 and older versions that leave the door open to hackers who can take advantage of it to run malicious code on a target computer.

This latest hack exploits a flaw in the software's online video option, which allows users to embed a YouTube video via link inside the document. The problem is that when the link is pasted into a Word document, the software automatically generates an HTML embed script which is executed when the thumbnail image of the video is clicked on inside the document.

Word contains a file called "document.xml" which is a default file used by the program to generate the code to embed the video. It's a trivial matter to edit this file, only requiring removing the originally inserted URL and replacing it with a malicious one that would get executed by the IE Download Manager.

Alternately, a hacker could simply create a legitimate-looking Word document, insert a poisoned link into it, then send it to a target. If the target clicked the link, whatever malicious code the hacker has staged at the other end would run.

The researchers reported the bug to Microsoft, but the company made no response and refused to acknowledge it as a security vulnerability. After 90 days, the team made their findings public in hopes of spurring the company into action.

This did prompt a response from the company, but their response was simply that they had no intention of addressing the issue as the software is properly interpreting HTML as designed.

That's apparently the company's final word on the matter, so if your business is in the habit of using word documents with embedded videos for any purpose, be mindful of this exploit. It could easily be used against you.

]]>http://www.acomputergeek.com/2018/11/10/video-embedding-feature-in-ms-word-has-security-vulnerability/feed/0Most Apple Devices Are Getting A Major Software Updatehttp://www.acomputergeek.com/2018/11/09/most-apple-devices-are-getting-a-major-software-update/
http://www.acomputergeek.com/2018/11/09/most-apple-devices-are-getting-a-major-software-update/#respondFri, 09 Nov 2018 16:00:00 +0000http://www.acomputergeek.com/2018/11/09/most-apple-devices-are-getting-a-major-software-update/If you own Apple devices that use iOS, watchOS, tvOS, or macOS, there's good news. The company just released major updates for ...]]>If you own Apple devices that use iOS, watchOS, tvOS, or macOS, there's good news. The company just released major updates for all of those.

They're available right now, and here are a few of the highlights:

For iOS 12.1, the big changes are as follows:

Group Face Time, with support for audio and video calls with up to 32 participants simultaneously

Automatic contact of emergency services if you are immobile for more than a minute after the device detects a hard fall.

A fix for the "incomplete installation" issue some users were reporting for the Walkie-Talkie app

A fix for another Walkie-Talkie app issue that prevented some users from being able to send or receive invitations

Note, however that the much-anticipated ECG app is not yet available to users in the United States. Unfortunately, there's no firm timetable for when it will be, but the company promises that it will be soon.

Information is a bit spotty where the details of the tvOS update are concerned. This indicates that it's a more modest offering, containing bug fixes for existing issues rather than introducing any new features.

HomePod also got an update, although the notes for that one were sparse too, indicating little more than "general improvements for stability and quality."

In any case, if you own one or more Apple devices and you're not set up for auto updates, it's well worth paying a visit to Apple's website and checking out the latest options. Odds are that you'll want them.

]]>http://www.acomputergeek.com/2018/11/09/most-apple-devices-are-getting-a-major-software-update/feed/0iOS Gmail Users Will Be Able To Access Multiple Accountshttp://www.acomputergeek.com/2018/11/08/ios-gmail-users-will-be-able-to-access-multiple-accounts/
http://www.acomputergeek.com/2018/11/08/ios-gmail-users-will-be-able-to-access-multiple-accounts/#respondThu, 08 Nov 2018 16:00:00 +0000http://www.acomputergeek.com/2018/11/08/ios-gmail-users-will-be-able-to-access-multiple-accounts/Earlier this year, Google introduced a new and improved Gmail that gave users virtually unlimited customization options. In addition to that, it ...]]>Earlier this year, Google introduced a new and improved Gmail that gave users virtually unlimited customization options. In addition to that, it included some exciting new AI-based features that cut down on repetitive tasks and made email management significantly easier. These advancements are important in this day and age, given the sheer volume of messages most of us tend to get.

iOS Gmail users have historically lagged behind their Android counterparts, but that finally seems to be changing. In the company's most recent update, iOS Gmail users will at long last get access to a feature that Android users have been enjoying for quite some time: An "All Inboxes" view. This view allows an iOS Gmail user to access all of their email messages from all of their Gmail accounts in a single inbox.

The new feature isn't yet available - there's no mention of it on the release notes on the App Store, but in coming weeks, it will put in a long overdue appearance.

That's big news because many people have more than one Gmail account. At present, to access their various inboxes on Apple devices, the only option is to go to the navigation drawer and "switch user." Needless to say, it's a cumbersome operation that takes more time than it should.

Once the new feature becomes available, all you'll need to do to access it will be to go to the left-hand side of the navigation drawer and select the "all inboxes" option.

It should be noted that although this view puts all your emails under one umbrella for viewing, none of those mails are actually shared between the various accounts you have. There is no cross-pollination of inboxes; it is simply a single view that allows you to access them all at once. It's a great move and we're thrilled to finally see it.